Daonity: an experience on enhancing grid security by trusted computing technology

Authors:
Fei Yan;Weizhong Qiang;Zhidong Shen;Chunrun Chen;Huanguo Zhang;Deqing Zou
Affiliations:
Computer School, Wuhan University, Wuhan, China;College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China;Computer School, Wuhan University, Wuhan, China;College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China;Computer School, Wuhan University, Wuhan, China;College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Venue:
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Year:
2006

Citing 8
Cited 2

A security architecture for computational grids

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Building a high-performance, programmable secure coprocessor

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Building the IBM 4758 Secure Coprocessor

Computer
AEGIS: architecture for tamper-evident and tamper-resistant processing

ICS '03 Proceedings of the 17th annual international conference on Supercomputing
An Online Credential Repository for the Grid: MyProxy

HPDC '01 Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing
A Community Authorization Service for Group Collaboration

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
PorKI: Making User PKI Safe on Machines of Heterogeneous Trustworthiness

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
A hardware-secured credential repository for Grid PKIs

CCGRID '04 Proceedings of the 2004 IEEE International Symposium on Cluster Computing and the Grid

TVDc: managing security in the trusted virtual datacenter

ACM SIGOPS Operating Systems Review
Managing application whitelists in trusted distributed systems

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

A critical problem for grid security is how to gain secure solution for Grid virtual organization (VO). In Grid practice at present, issues of VO security rely on non-distributed policy management and related PKI mechanism. A practical but difficult solution is to enforce fine granularity policy over distributed sites. The emerging Trusted Computing (TC) technologies offer great potential to improve this situation. In our Project Daonity, Trusted Platform Module (TPM), as a tamper-resistance module, is shared as a strong secure resource among platforms of grid users. Based on the sharing mechanism, a TC-enabled architecture is proposed to improve Grid Security Infrastructure, especially authorization protection and single sign on are enhanced to demonstrate how to gain enhanced and distributed security in grid environment.